DaemonForums  

issues with setting up symon on openbsd

#1  badguy, 9th July 2009

i am trying to set up symon on my OpenBSD machine and i am using the steps in

http://www.twopenguins.it/2009/06/in...sd-72/#more-12

I have pretty much followed everything but my problem is generating the graphs. when i try to view from another web browser i get internet explorer can not display the webpage.

Anyone know what i am doing wrong? Please help. thanks

#2  jggimi, 9th July 2009

That link is a "how to" for FreeBSD.

It also assumes you have a working Apache/PHP environment. Do you? e.g.: if you are using OpenBSD's built-in Apache, have you read and followed the instructions in FAQ 10.16?

While I don't use symon, I'm sure that even a symon user will not be able to help you without the specific configuration information from your system. The "how to" you referenced describes directories that do not exist with OpenBSD, you know.

Try posting your configuration information. If you copy/paste configuration files, please tag the content with [ code ] [ / code ] tags, so that it remains readable.

Lastly, have you seen the package installation message? If you missed it, try:
$ pkg_info symon
and then:
$ pkg_info -L symon

#3  badguy, 9th July 2009

thnx 4 d reply, i am kinda a newbie with openbsd.

i assume i have the built in apache running bcos when i do a lynx localhost i can see "it worked"

i also installed php using # pkg_add php4-core-4.3.8.tgz (that was all i did. not sure if i have to do more)
i don't know how to check if i have php running so I can't say for now that it is properly installed.

Also i know those directories do not exist but a couple of them are created after symon, syweb etc are installed. i think i have also used the right directories in my own scenario.

what is Apache default directory for www files, &
Which configuration files will be useful to troubleshoot?

I have only included the result of the pkg-info for symon
[Attached image: symon pkg info.jpg]

#4  jggimi, 10th July 2009

Quote (badguy):
> ...i assume i have the built in apache running bcos when i do a lynx localhost i can see "it worked"

Correct.

Quote:
> ...i also installed php using # pkg_add php4-core-4.3.8.tgz (that was all i did. not sure if i have to do more)

php4-core-4.3.8 ??? Are you absolutely sure? That version was for OpenBSD 3.4, which was released in 2003 and has not been supported since November 2004. (By the way, the last release of OpenBSD to have php4 in it was 4.3, which is no longer supported, either. The most recent release is 4.5; 4.6 will be released on or about November 1. Only the most recent release and its immediate antecedent are supported.)

Quote:
> ...i don't know how to check if i have php running so I can't say for now that it is properly installed.

You do not have an operational PHP system, as additional steps are required to integrate it into the web server. When you installed this ancient package, you should have seen the echo'ed message from within this script on your console. This script (link below) was part of the packaging of php4-core for OpenBSD-3.4, back in 2003:

http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/www/php4/core/pkg/Attic/INSTALL?rev=1.4;content-type=text%2Fplain;hideattic=0

Quote:
> what is Apache default directory for www files, &
> Which configuration files will be useful to troubleshoot?

The built-in Apache is chrooted. It was chrooted, even back when your version of the OS was released. The OpenBSD FAQ discusses this in FAQ 10.16. Of course, it is discussing the most recent -release... which is years beyond what you are running. I mentioned this FAQ to you, above. It also describes the directory structure used by the built in webserver, /var/www. Please, read it. More than once.

If you wish to become a successful and happy OpenBSD user:
  1. Run a supported system. No one can really help you, or will even want to help you, with such an antiquated OS. Not only is it very different from what everyone else is using, so that they cannot replicate your environment without a great deal of effort ..... there have been hundreds of thousands of patches and fixes and improvements applied in the years since 3.4-release. Including many security fixes. If this platform gets exposed to the Internet in any way, it is ... unsafe. Really. If it were just an internal-network router and had no services running... it might be considered robust enough. But certainly not when serving dynamic web applications. And never when exposed to the Internet. Even with nothing on it, if it gets compromised, it becomes a vector into other platforms on your private network.
  2. Read the FAQ. Please. And do so repeatedly. Over and over. It is the handbook; much more than simply a FAQ, it is the primary "how to" collection for the OpenBSD community, written by the developers. It covers almost all aspects of general operation that admins will be interested in. Note that since the FAQ is for the most recent release, most of it won't apply to your antiquated platform. (It is possible to grab a historical FAQ from CVS, as I've done for the php4 post-install message script... but you're better off installing and using a modern release. The changes to the OS since 3.4 have been vast.)
  3. Avoid "how to" documents you find in the wild. While some might be wonderful, most will lead you astray; they are often written by new users, who while proud of some accomplishment usually are not technical writers, do not explain what and why they make particular choices for commands and configuration information, nor what the implications for environments that do not exactly match their own particular configurations may be. More people have gotten into trouble blindly following "how to" documents than you might imagine.

Last edited by jggimi; 10th July 2009 at 04:02 AM.

#5  jggimi, 10th July 2009

OK. Now I'm confused about the state of your system: your PHP package is six years old and long since considered dead ... but your Symon (from your attached image) is more modern.

What kind of Frankensystem are you actually running?

#6  badguy, 10th July 2009

thank 4 d advice as regards "how to docs", will review the documentation properly.

2ndly i actually meant php5-core.5.2.6 (earlier mistake was as a result of copy & paste, sorry bout that) and i am running OpenBSD 4.4

I also realized i have not installed php properly. I am trying to do this now but when i run /usr/local/sbin/phpxs i get an error saying not found.

I searched online and it seems the phpxs does not need to be run on newer versions of php. i can see it is recommended to install through packages that is why i have not used ports. any suggestion on the php installation?

#7  jggimi, 10th July 2009

Quote (badguy):
> ... will review the documentation properly....

Really? See below.

Quote:
> ...i actually meant php5-core.5.2.6...

When you give me misleading information, you will get misleading advice. Garbage in, garbage out.

Quote:
> .... but when i run /usr/local/sbin/phpxs i get an error saying not found.

Of course. That's because you are now trying to follow some six year old instructions for a release of PHP that you do not have installed. The link I provided is from 2003, and is for php4-core-4.3.8.

To get the actual documentation you should have reviewed, issue this command:
$ pkg_info -M php5-core
The output will repeat the message that appeared on your console when you installed php5-core.

#8  badguy, 20th July 2009

Okay so i have all the components i need to get symon running and i have php up and running. however i still can not get symon working. browsing to the localhost just produces my php page. i've included the config file i've modified? i can't figure out what i am doing wrong. any help out pls


configuration is as follows

# pkg_info

gcc-4.2.20070307p11 GNU compiler collection: core C compiler
gettext-0.17p0 GNU gettext
libart-2.3.20p0 high-performance 2D graphics library
libiconv-1.12 character set conversion library
libxml-2.6.32p2 XML parsing library
mysql-client-5.0.77 multithreaded SQL database (client)
mysql-server-5.0.77 multithreaded SQL database (server)
p5-DBD-mysql-4.010 MySQL drivers for the Perl DBI
p5-DBI-1.607 unified perl interface for database access
p5-Net-Daemon-0.43 extension for portable daemons
p5-PlRPC-0.2018p0 module for writing rpc servers and clients
php5-core-5.2.8p0 server-side HTML-embedded scripting language
png-1.2.33 library for manipulating PNG images
rrdtool-1.2.30 system to store and display time-series data
symon-2.78 active monitoring tool
syweb-0.55p1 web frontend to symon



#vi /etc/symon.conf

#
# $Id: symon.conf,v 1.12 2004/02/26 22:48:08 dijkstra Exp $
#
# Demo configuration for symon. See symon(8) for BNF.

monitor { cpu(0), mem,
          if(vic0),
#         pf,
#         mbuf,
#         sensor(0),
#         proc(httpd),
#         if(xl0), if(de0), if(wi0),
#         io(wd1), io(wd2), io(wd3), io(cd0)
          io(wd0)
} stream to 127.0.0.1 2100

#vi /etc/symux.conf

# $Id: symux.conf,v 1.23 2007/11/29 13:13:18 dijkstra Exp $
#
# Demo symux configuration. See symux(8) for BNF.

mux 127.0.0.1 2100

source 127.0.0.1 {
        accept { cpu(0), mem,
                 if(vic0),
#                pf,
#                mbuf,
#                sensor(0),
#                proc(httpd),
#                if(xl0), if(de0), if(wi0),
#                io(wd1), io(wd2), io(wd3), io(cd0)
                 io(wd0)
        }
        datadir "/var/www/htdocs/syweb/localhost"
}


#vi /var/www/htdocs/syweb/setup.inc


/* running OpenBSD, apache chrooted:
$symon['rrdtool_path']='/usr/local/bin/rrdtool';
$symon['cache_dir']='/var/www/htdocs/syweb/cache';
$symon['host_tree']='/var/www/htdocs/syweb';
$symon['layout_dir']='/var/www/htdocs/syweb';
*/

/* running OpenBSD, apache not chrooted: */
$symon['rrdtool_path']='/usr/local/bin/rrdtool';
$symon['cache_dir']='/var/www/htdocs/syweb/cache';
$symon['host_tree']='/var/www/htdocs/syweb';
$symon['layout_dir']='/var/www/htdocs/syweb';


/* running FreeBSD, apache not chrooted:
$symon['rrdtool_path']='/usr/local/bin/rrdtool';
$symon['cache_dir']='/usr/local/www/symon/cache';
$symon['host_tree']='/usr/local/www/symon/rrds';
$symon['layout_dir']='/usr/local/www/symon';
*/

$symon['cache_duration']=20;
$symon['isolate_hosts']=1;
$symon['combine']['pfq']=1;
$symon['combine']['io']=1;
$symon['options']['df']='bytes';
/* $symon['options']['df']='blocks'; */
Reply With Quote
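
Added example, not part of the thread: jggimi points out above that the built-in Apache runs chrooted with its tree under /var/www, while the setup.inc just posted has the "apache not chrooted" block active. The script below lists each active path in setup.inc as a chrooted httpd would resolve it; the function names, the temporary directory standing in for /var/www and the demo file contents are constructed for illustration.

```sh
#!/bin/sh
# Added example (hypothetical helper names): how a chrooted httpd resolves
# the active paths in syweb's setup.inc.

# in_chroot_path ROOT PATH: host-side file the chrooted process would open.
in_chroot_path() {
    printf '%s/%s\n' "${1%/}" "${2#/}"
}

# active_paths: read setup.inc on stdin, skip /* ... */ comments, and print
# "key path" for every active $symon['key']='/absolute/path'; assignment.
active_paths() {
    awk '{
        line = $0; out = ""
        while (length(line) > 0) {
            if (incomment) {
                i = index(line, "*/")
                if (i == 0) break
                line = substr(line, i + 2); incomment = 0
            } else {
                i = index(line, "/*")
                if (i == 0) { out = out line; break }
                out = out substr(line, 1, i - 1)
                line = substr(line, i + 2); incomment = 1
            }
        }
        n = split(out, f, "\047")    # \047 is the single-quote character
        if (n >= 5 && f[1] ~ /\$symon\[$/ && f[3] == "]=" && f[4] ~ /^\//)
            print f[2], f[4]
    }'
}

# check_setup CHROOT SETUP_INC: one "ok" or "MISSING" line per active path.
check_setup() {
    active_paths < "$2" | while read -r key path; do
        host=$(in_chroot_path "$1" "$path")
        if [ -e "$host" ]; then state=ok; else state=MISSING; fi
        printf '%s %s %s\n' "$state" "$key" "$host"
    done
}

# Constructed demo: a temporary directory stands in for /var/www.
demo() {
    root=$(mktemp -d)
    mkdir -p "$root/htdocs/syweb/cache"
    cat > "$root/setup.inc" <<'EOF'
/* running OpenBSD, apache chrooted:
$symon['cache_dir']='/commented/out';
*/
/* running OpenBSD, apache not chrooted: */
$symon['cache_dir']='/var/www/htdocs/syweb/cache';
$symon['host_tree']='/htdocs/syweb';
$symon['cache_duration']=20;
EOF
    check_setup "$root" "$root/setup.inc"
    rm -rf "$root"
}
demo
```

On the real machine the call would be `check_setup /var/www /var/www/htdocs/syweb/setup.inc`; a MISSING line means the chrooted web server cannot see that path, even though the same path exists when viewed from a root shell.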

#9  jggimi, 20th July 2009

Did you start the symux and symon daemons? That would normally be done in /etc/rc.local.

badguy, 20th July 2009

here is what my rc.conf.local looks like

#!/bin/sh -
#
# $OpenBSD: rc.conf,v 1.131 2008/11/27 00:52:06 uwe Exp $

# set these to "NO" to turn them off. otherwise, they're used as flags
ripd_flags=NO # for normal use: ""
mrouted_flags=NO # for normal use: "", if activated
# be sure to enable multicast_router below.
dvmrpd_flags=NO # for normal use: ""
ospfd_flags=NO # for normal use: ""
ospf6d_flags=NO # for normal use: ""
bgpd_flags=NO # for normal use: ""
rarpd_flags=NO # for normal use: "-a"
bootparamd_flags=NO # for normal use: ""
rbootd_flags=NO # for normal use: ""
sshd_flags="" # for normal use: ""
named_flags=NO # for normal use: ""
rdate_flags=NO # for normal use: [RFC868-host] or [-n RFC2030-host]
timed_flags=NO # for normal use: ""
ldattach_flags=NO # for normal use: "[options] linedisc cua-device"
ntpd_flags=NO # for normal use: ""
isakmpd_flags=NO # for normal use: ""
sasyncd_flags=NO # for normal use: ""
mopd_flags=NO # for normal use: "-a"
apmd_flags=NO # for normal use: ""
dhcpd_flags=NO # for normal use: ""
dhcrelay_flags=NO # for normal use: "-i interface [server]"
rtadvd_flags=NO # for normal use: list of interfaces
# be sure to set net.inet6.ip6.forwarding=1
route6d_flags=NO # for normal use: ""
# be sure to set net.inet6.ip6.forwarding=1
rtsold_flags=NO # for normal use: interface
# be sure to set net.inet6.ip6.forwarding=0
# be sure to set net.inet6.ip6.accept_rtadv=1
lpd_flags=NO # for normal use: "" (or "-l" for debugging)
sensorsd_flags=NO # for normal use: ""
hotplugd_flags=NO # for normal use: ""
watchdogd_flags=NO # for normal use: ""
ftpproxy_flags=NO # for normal use: ""
hostapd_flags=NO # for normal use: ""
ifstated_flags=NO # for normal use: ""
relayd_flags=NO # for normal use: ""
snmpd_flags=NO # for normal use: ""
symon_enable=YES
symux_enable=YES


# use -u to disable chroot, see httpd(8)
httpd_flags="" # for normal use: "" (or "-DSSL" after reading ssl(8))

# For normal use: "-L sm-mta -bd -q30m", and note there is a cron job
sendmail_flags="-L sm-mta -C/etc/mail/localhost.cf -bd -q30m"
spamd_flags=NO # for normal use: "" and see spamd(8)
spamd_black=NO # set to YES to run spamd without greylisting
spamlogd_flags="" # use eg. "-i interface" and see spamlogd(8)

# Set to NO if ftpd is running out of inetd
ftpd_flags=NO # for non-inetd use: "-D"

# Set to NO if identd is running out of inetd
identd_flags=NO # for non-inetd use: "-b -elo"

# On some architectures, you must also disable console getty in /etc/ttys
xdm_flags=NO # for normal use: ""

# For enabling console mouse support (i386 alpha amd64)
wsmoused_flags=NO # for ps/2 or usb mice: "", serial: "-p /dev/cua00"



unfortunately when i reboot and do a ps -ax i do not see symon started up so i have to start it manually.


I also realized that when i add a -d option for symon it starts and does not generate any error while adding a -d option to symux shows the following


# /usr/local/libexec/symux -d
symux version 2.78
program id=10679
debug: size of churnbuffer = 568
debug: shm from 0x82b41000 to 0x82c42390
debug: symux packet size=404
warning: mux address 127.0.0.1 2100 already in use
fatal: no sockets could be opened for incoming symon traffic

Any idea why this is generated? my symux.conf is as follows:

mux 127.0.0.1 2100

source 127.0.0.1 {
        accept { cpu(0), mem,
                 if(vic0),
#                pf,
#                mbuf,
#                sensor(0),
#                proc(httpd),
#                if(xl0), if(de0), if(wi0),
#                io(wd1), io(wd2), io(wd3), io(cd0)
                 io(wd0)
        }
        datadir "/var/www/htdocs/syweb/localhost"
}


Processes running are as follows
# ps ax
PID TT STAT TIME COMMAND
1 ?? Ss 0:00.02 /sbin/init
16230 ?? Is 0:00.00 dhclient: vic0 (dhclient)
11423 ?? Is 0:00.01 syslogd: [priv] (syslogd)
4439 ?? S 0:00.03 syslogd -a /var/empty/dev/log
24058 ?? Ss 0:00.10 sendmail: accepting connections (sendmail)
20542 ?? Ss 0:00.14 httpd: parent [chroot /var/www] (httpd)
16518 ?? Is 0:00.00 inetd
7866 ?? I 0:00.01 httpd: child (httpd)
2039 ?? I 0:00.06 httpd: child (httpd)
9293 ?? I 0:00.06 httpd: child (httpd)
16691 ?? I 0:00.01 httpd: child (httpd)
12421 ?? I 0:00.01 httpd: child (httpd)
25641 ?? Is 0:00.01 /usr/sbin/sshd
9998 ?? Is 0:00.01 cron
13845 ?? Ss 0:00.15 sshd: root@ttyp0 (sshd)
28826 ?? I 0:00.00 httpd: child (httpd)
15627 ?? I 0:00.01 httpd: child (httpd)
24964 ?? I 0:00.00 httpd: child (httpd)
25652 ?? Ss 0:00.00 /usr/local/libexec/symon
22964 ?? Ss 0:00.03 /usr/local/libexec/symux
5532 p0 Ss 0:00.03 -ksh (ksh)
30606 p0 R+ 0:00.00 ps -ax
3505 C0- I 0:00.00 dhclient: vic0 [priv] (dhclient)
5954 C0 Is+ 0:00.01 /usr/libexec/getty std.9600 ttyC0
1638 C1 Is+ 0:00.01 /usr/libexec/getty std.9600 ttyC1
6382 C2 Is+ 0:00.00 /usr/libexec/getty std.9600 ttyC2
4894 C3 Is+ 0:00.00 /usr/libexec/getty std.9600 ttyC3
24981 C5 Is+ 0:00.00 /usr/libexec/getty std.9600 ttyC5

jggimi, 20th July 2009

Reread this post, which I wrote in another of your threads, earlier today:

http://www.daemonforums.org/showthre...3571#post25627

You can edit /etc/rc.conf until the heat death of the universe, and it will never have any impact on 3rd party software such as symon. All it can do is set variables used by rc(8). And the variables you made up for symon and symux won't avail you.


Re-read my last post, above, where I told you to edit the rc.local script.

I cannot help you with symon configuration problems, as I have never used it.
Reply With Quote
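
Added example, not from the thread or the symon package: an /etc/rc.local fragment that starts symux and symon from the paths shown in the ps listing and skips a daemon that is already running. A second symux cannot bind 127.0.0.1 2100 while the first one holds it, which is the situation in the `symux -d` output above, where ps already lists /usr/local/libexec/symux. The helper names are hypothetical.

```sh
# Added example for /etc/rc.local (hypothetical helpers, not symon's own script).

# running_pids NAME: read `ps ax` output on stdin and print the PID of every
# process whose command (5th column) has basename NAME.
running_pids() {
    awk -v name="$1" 'NR > 1 {
        n = split($5, part, "/")
        if (part[n] == name) print $1
    }'
}

# start_once DAEMON: start DAEMON unless a copy is already running, so a
# manual start never collides with the instance launched at boot.
start_once() {
    name=${1##*/}
    pids=$(ps ax | running_pids "$name")
    if [ -n "$pids" ]; then
        echo "$name already running, not starting another:" $pids
    elif [ -x "$1" ]; then
        echo "starting $name"
        "$1"
    fi
}

# symux (receiver) first, then symon (sender).
start_once /usr/local/libexec/symux
start_once /usr/local/libexec/symon
```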

badguy, 21st July 2009

Quote (jggimi):
> Did you start the symux and symon daemons? That would normally be done in /etc/rc.local.

Yes, Done this now.
i have edited the rc.local and symon and symux start up at boot. but i still can't view the graphs by browsing to localhost. i guess right now my problem is viewing the graphs with syweb.

my log files reflect

Jul 21 11:32:27 symux savecore: no core dump
Jul 21 11:32:30 symux symux: symux version 2.78
Jul 21 11:32:30 symux symux: listening for incoming symon traffic on udp 127.0.0.1 2100
Jul 21 11:32:30 symux symux: listening for incoming connections on tcp 127.0.0.1 2100
Jul 21 15:32:30 symux symon: symon version 2.78
Jul 21 15:32:30 symux symon: sending packets to udp 127.0.0.1 2100
Jul 21 15:32:30 symux symon: started module io(wd0)
Jul 21 15:32:30 symux symon: started module if(vic0)
Jul 21 15:32:30 symux symon: started module mem()
Jul 21 15:32:30 symux symon: started module cpu(0)

badguy, 22nd July 2009

Okay so i finally got it working. lol
i'll post a step by step process here so no one will ever go tru the stress i went through just to get symon working bcos apparently there seem to be very few symon documentations and none of them is explicit